📄 authreg_mysql.c
字号:
/* * jabberd - Jabber Open Source Server * Copyright (c) 2002-2003 Jeremie Miller, Thomas Muldowney, * Ryan Eatmon, Robert Norris * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA02111-1307USA *//* this module talks to a MySQL server via libmysqlclient */#include "c2s.h"#ifdef STORAGE_MYSQL#define MYSQL_LU 1024 /* maximum length of username - should correspond to field length */#define MYSQL_LR 256 /* maximum length of realm - should correspond to field length */#define MYSQL_LP 256 /* maximum length of password - should correspond to field length */#include <mysql.h>typedef struct mysqlcontext_st { MYSQL * conn; char * sql_create; char * sql_select; char * sql_setpassword; char * sql_setzerok; char * sql_delete; char * field_password; char * field_hash; char * field_token; char * field_sequence; } *mysqlcontext_t;static MYSQL_RES *_ar_mysql_get_user_tuple(authreg_t ar, char *username, char *realm) { mysqlcontext_t ctx = (mysqlcontext_t) ar->private; MYSQL *conn = ctx->conn; char iuser[MYSQL_LU+1], irealm[MYSQL_LR+1]; char euser[MYSQL_LU*2+1], erealm[MYSQL_LR*2+1], sql[1024 + MYSQL_LU*2 + MYSQL_LR*2 + 1]; /* query(1024) + euser + erealm + \0(1) */ MYSQL_RES *res; if(mysql_ping(conn) != 0) { log_write(ar->c2s->log, LOG_ERR, "mysql: connection to database lost"); return NULL; } snprintf(iuser, MYSQL_LU+1, "%s", username); snprintf(irealm, MYSQL_LR+1, "%s", realm); mysql_real_escape_string(conn, euser, iuser, strlen(iuser)); mysql_real_escape_string(conn, erealm, irealm, strlen(irealm)); sprintf(sql, ctx->sql_select, euser, erealm); log_debug(ZONE, "prepared sql: %s", sql); if(mysql_query(conn, sql) != 0) { log_write(ar->c2s->log, LOG_ERR, "mysql: sql select failed: %s", mysql_error(conn)); return NULL; } res = mysql_store_result(conn); if(res == NULL) { log_write(ar->c2s->log, LOG_ERR, "mysql: sql result retrieval failed: %s", mysql_error(conn)); return NULL; } if(mysql_num_rows(res) != 1) { mysql_free_result(res); return NULL; } return res;}static int _ar_mysql_user_exists(authreg_t ar, char *username, char *realm) { MYSQL_RES *res = _ar_mysql_get_user_tuple(ar, username, realm); if(res != NULL) { mysql_free_result(res); return 1; } return 0;}static int _ar_mysql_get_password(authreg_t ar, char *username, char *realm, char password[257]) { mysqlcontext_t ctx = (mysqlcontext_t) ar->private; MYSQL *conn = ctx->conn; MYSQL_RES *res = _ar_mysql_get_user_tuple(ar, username, realm); MYSQL_FIELD *field; MYSQL_ROW tuple; int i, fpass = 0; if(res == NULL) return 1; for(i = mysql_num_fields(res) - 1; i >= 0; i--) { field = mysql_fetch_field_direct(res, i); if(strcmp(field->name, ctx->field_password) == 0) { fpass = i; break; } } if((tuple = mysql_fetch_row(res)) == NULL) { log_write(ar->c2s->log, LOG_ERR, "mysql: sql tuple retrieval failed: %s", mysql_error(conn)); mysql_free_result(res); return 1; } if(tuple[fpass] == NULL) { mysql_free_result(res); return 1; } strcpy(password, tuple[fpass]); mysql_free_result(res); return 0;}static int _ar_mysql_set_password(authreg_t ar, char *username, char *realm, char password[257]) { mysqlcontext_t ctx = (mysqlcontext_t) ar->private; MYSQL *conn = ctx->conn; char iuser[MYSQL_LU+1], irealm[MYSQL_LR+1]; char euser[MYSQL_LU*2+1], erealm[MYSQL_LR*2+1], epass[513], sql[1024+MYSQL_LU*2+MYSQL_LR*2+512+1]; /* query(1024) + euser + erealm + epass(512) + \0(1) */ if(mysql_ping(conn) != 0) { log_write(ar->c2s->log, LOG_ERR, "mysql: connection to database lost"); return 1; } snprintf(iuser, MYSQL_LU+1, "%s", username); snprintf(irealm, MYSQL_LR+1, "%s", realm); password[256]= '\0'; mysql_real_escape_string(conn, euser, iuser, strlen(iuser)); mysql_real_escape_string(conn, erealm, irealm, strlen(irealm)); mysql_real_escape_string(conn, epass, password, strlen(password)); sprintf(sql, ctx->sql_setpassword, epass, euser, erealm); log_debug(ZONE, "prepared sql: %s", sql); if(mysql_query(conn, sql) != 0) { log_write(ar->c2s->log, LOG_ERR, "mysql: sql update failed: %s", mysql_error(conn)); return 1; } return 0;}static int _ar_mysql_get_zerok(authreg_t ar, char *username, char *realm, char hash[41], char token[11], int *sequence) { mysqlcontext_t ctx = (mysqlcontext_t) ar->private; MYSQL *conn = ctx->conn; MYSQL_RES *res = _ar_mysql_get_user_tuple(ar, username, realm); int i, fhash, ftok, fseq; MYSQL_FIELD *field; MYSQL_ROW tuple; if(res == NULL) return 1; fhash = ftok = fseq = 0; for(i = mysql_num_fields(res) - 1; i >= 0; i--) { field = mysql_fetch_field_direct(res, i); if(strcmp(field->name, ctx->field_hash) == 0) fhash = i; else if(strcmp(field->name, ctx->field_token) == 0) ftok = i; else if(strcmp(field->name, ctx->field_sequence) == 0) fseq = i; } if((tuple = mysql_fetch_row(res)) == NULL) { log_write(ar->c2s->log, LOG_ERR, "mysql: sql tuple retrieval failed: %s", mysql_error(conn)); mysql_free_result(res); return 1; } if(tuple[fhash] == NULL || tuple[ftok] == NULL || tuple[fseq] == NULL) { mysql_free_result(res); return 1; } strcpy(hash, tuple[fhash]); strcpy(token, tuple[ftok]); *sequence = atoi(tuple[fseq]); mysql_free_result(res); return 0;}static int _ar_mysql_set_zerok(authreg_t ar, char *username, char *realm, char hash[41], char token[11], int sequence) { mysqlcontext_t ctx = (mysqlcontext_t) ar->private; MYSQL *conn = ctx->conn; char iuser[MYSQL_LU+1], irealm[MYSQL_LR+1]; char euser[MYSQL_LU*2+1], erealm[MYSQL_LR*2+1], ehash[81], etoken[21], sql[1024+MYSQL_LU*2+MYSQL_LR*2+80+20+12+1]; /* query(1024) + euser + erealm + ehash(80) + etoken(20) + sequence(12) + \0(1) */ if(mysql_ping(conn) != 0) { log_write(ar->c2s->log, LOG_ERR, "mysql: connection to database lost"); return 1; } snprintf(iuser, MYSQL_LU+1, "%s", username); snprintf(irealm, MYSQL_LR+1, "%s", realm); mysql_real_escape_string(conn, euser, iuser, strlen(iuser)); mysql_real_escape_string(conn, erealm, irealm, strlen(irealm)); mysql_real_escape_string(conn, ehash, hash, strlen(hash)); mysql_real_escape_string(conn, etoken, token, strlen(token)); sprintf(sql, ctx->sql_setzerok, ehash, etoken, sequence, euser, erealm); log_debug(ZONE, "prepared sql: %s", sql); if(mysql_query(conn, sql) != 0) { log_write(ar->c2s->log, LOG_ERR, "mysql: sql update failed: %s", mysql_error(conn)); return 1; } return 0;}static int _ar_mysql_create_user(authreg_t ar, char *username, char *realm) { mysqlcontext_t ctx = (mysqlcontext_t) ar->private; MYSQL *conn = ctx->conn; char iuser[MYSQL_LU+1], irealm[MYSQL_LR+1]; char euser[MYSQL_LU*2+1], erealm[MYSQL_LR*2+1], sql[1024+MYSQL_LU*2+MYSQL_LR*2+1]; /* query(1024) + euser + erealm + \0(1) */ MYSQL_RES *res = _ar_mysql_get_user_tuple(ar, username, realm); if(res != NULL) { mysql_free_result(res); return 1; } mysql_free_result(res); if(mysql_ping(conn) != 0) { log_write(ar->c2s->log, LOG_ERR, "mysql: connection to database lost"); return 1; } snprintf(iuser, MYSQL_LU+1, "%s", username); snprintf(irealm, MYSQL_LR+1, "%s", realm); mysql_real_escape_string(conn, euser, iuser, strlen(iuser)); mysql_real_escape_string(conn, erealm, irealm, strlen(irealm)); sprintf(sql, ctx->sql_create, euser, erealm); log_debug(ZONE, "prepared sql: %s", sql);⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -